| Contact Information | |
| Name: | Syed Asad Nizam |
| Email: | sanizam79 (at) gmail (dot) com [email concealed] |
| Location: | Cardiff, , United Kingdom |
| Resume | |
| Position/Title: | Jr. Security Analyst |
| Resume: |
Objective Objectives cannot be fixed, they evolve with experience and practice, so I rather be the best at what I do, than be confined to a box of listed skills so I challenge myself to progress further than before and learn to apply my experience and my knowledge for effectively advancing my expertise to a higher level. Education University of Glamorgan Wales, UK CF37 1DL Sept 2005 – June 2007 MSc. Information Security and Computer Crime Security Management, Network Security, Cryptography and eCommerce, Computer Forensics, Computer Law, Project Management and Research Methodologies. Bahria University, Karachi, Pakistan. Sept 2001 – Sept 2002 MCS. Communication and Networks Design and Implementation of Networks, Advance Networking, Design and Analysis of Protocols, Wireless and Mobile Systems Bahria Institute of Management and Computer Sciences, University of Peshawar, Pakistan Sept 1998 – Sept 2001 BCS Software Engineering Work Experience August 04 – July 05 at Vivasoft Pvt. Ltd. Project Manager, with a team of Web Developers: Understand the client’s requirements and architecting a design according to prevailing professional environment and market. Allocate tasks according to priority and skill. Manage project to achieve milestones and deliver quality products. April 04 – July 04 at FTC - Financial Technologies & Consultants (DBS W.L.L) SQA Team Head with 4 engineers: Understand the client’s requirement and develop an “SQA Plan” with a reference “Test Plan”. Producing test procedures, methods and designing test cases relevant to the application. Allocate tasks according to priority and skill. Keep the Project Manager and the analyst updated with the daily progress. Standardizing products according to the latest requirements and trends. May 03 – March 04 at Vivasoft Pvt. Ltd. As a Software Developer in a team of 5 Developers. Understanding the Clients requirements and designing and implementing applications according to the business environment of the client’s organization. During my stay I worked on 4 customized softwares. These softwares were mainly a mesh of Inventory/Accounts/Payroll Systems which were all completed during my first tenure at the firm. November 02 – April 03 at TNI Com – Trade Network International Communications Software Engineer: Analyse the business process and business flow within the organization. Design a software solution to resolve the problem facing the client. In less than six months, designed and implemented 2 Software products from scratch for the respective clients. Expertise/Skill Set Evaluating current security requirements (risk assessments) proposals and future contracts. Develop and implement information security policies and procedures. Assessing the risks to systems, and developing plans to minimise potential threats Designing new security systems or upgrading existing ones Allocating information security responsibilities. Testing and evaluating security products Audit and review security procedures. Incident Management (Intrusion Detection and Prevention). Education and Training Users. Business Continuity Planning / Crisis Management Planning. Contingency planning for disaster recovery in the event of security breaches Investigating actual breaches and carry out corrective actions Management direction for security activities. Simulating breaches to test procedures (also known as penetration testing) Testing systems for weak points (also known as vulnerability scanning) Making sure procedures meet national and international network security standards Preparing reports and technical documentation for managers and users. Interact with health safety, medical. Ensure physically secure environment. My experience allows me to work on different operating and server systems like Windows, Unix and Linux, and security technologies and procedures, such as: Firewalls and Anti-virus Software Intrusion Detection Systems (IDS) Encryption Techniques, such as Public Key Infrastructure (PKI) and Secure Socket Layer (SSL) Authentication (passwords, digital certificates and, more recently, biometrics) Penetration Testing and Vulnerability Scanning. I am familiar with common security standards and regulations, such as; International information security standard BS7799 and its successor – ISO/IEC 27001 The Data Protection and Freedom of Information Acts The IT Infrastructure Library (ITIL) framework, detailing best practice. Reports I have done research and wrote reports on the following topics, Critical Analysis of a Network Security Policy Roles and Responsibilities of the Information Security Officer Subverting ARP Subverting ICMP Steganography Explained Windows Registry = Digital Evidence? Electronic Signatures Privacy and Electronic Communication Research Proposal on Email Spam Filtering Facility(Stop All Spam) Projects “Bill Generation and Payment Software (BGAPS)” for Karachi Electric Supply Corporation Limited, Pakistan. It is a part of a combined project “Online Bill Payment System (OBPS)”. Configuring a lab based Internet Service Provider including Billing and Email Facility. Computer Forensics Timeline Generator, make a software to create a visual timeline of a computer system activities to facilitate Forensic investigators in their investigation. Hands on Experience Network Assessment & Security Tools SamSpade Version 1.14, Stunnel Version 4.14, WinPcap Version 3.2, Ethereal Version 0.10.14, arptoxin, nbtscan Version 1.5.1, Achilles Version 0.27, Nmap 3.95 Version 3.95, Nemesis 1.4 beta 3 Programming Languages, Databases and Other Tools Visual Basic 6, Turbo C, SQL & PL/SQL, Ms Access, HTML, JavaScript, Adobe PhotoShop, Macromedia Freehand, Macromedia Flash, Crystal Reports and MSOffice including Ms Access and Ms Project Forensics Tools EnCase 4.20 by Guidance Software (www.encase.com), AccessData’s Forensic Toolkit – FTK v1.61a build 06.03.13 – DEMO (www.accessdata.com), Paraben Forensic Replicator Version 4.00 (http://www.paraben-forensics.com), Disk Investigator v1.3 (http://www.theabsolute.net/sware/dskinv.html) Other Forensics Related Tools VMware Workstation Version: 4.5.3 build-19414 (www.vmware.com), Irfan View Version 3.36 (http://www.irfanview.com/), DiskImag Version 02.02 (http://www.dmares.com/maresware/html/diskimag.htm) Steganography Tools StegDetect and StegBreak (http://www.outguess.org), S-Tools Version 4.0 (http://www.jjtc.com/Security/stegtools.htm), Steghide Version 0.4.6b (http://www.forensics.nl/tools), Jpeg Hide and Seek Version 0.5 (http://www.jjtc.com/Security/stegtools.htm) References can be produced on request. |
